Hundreds of Popular Websites Have Been Tracking Users’ Every Keystroke, Researchers Find

Have you ever started shopping online, filled up a virtual shopping cart, and then, for whatever reason, decided not to buy the items? Chances are, you probably got a creepy email about the stuff still in your cart the next day, or even mere hours after you left the website. Well, brace yourself, because there may be an unsettling reason why this keeps happening to you — and it has to do with new research on internet security.

Researchers at Princeton University recently discovered the same security flaw on more than 400 popular websites, including Microsoft.com, Adobe.com, and Wordpress.com. All these websites are running code that can track everything you type without your consent — or even your knowledge. If you begin to fill out an online form with information like your email address or phone number, the websites have access to your tracking information — even if you decide not to follow through with finishing said form.

Though many of the websites use the code simply to track engagement of their customers and to brainstorm ways to improve the user experience, some sites actually send recordings of your private activity and identifying information to strangers. Worryingly, websites using the code for innocent reasons could be more vulnerable to hacks. So if you accidentally visit any pages that don't properly protect your sensitive information, it could put your privacy at risk.

How to Protect Yourself Against the Security Flaw

Since the report came out, some popular websites have announced that they will stop the use of those codes or are brainstorming a way to improve the safety and security of them — but you may not want to wait until every single site figures this out. Luckily, there's one solid, surefire way to defend yourself from session replay scripts at this point: Install AdBlock Plus on your computer. After the Princeton study, it's been updated to protect you from every one of these scripts.